FOSS is sometimes less secure, because it builds on the fact that the user is also a contributor, not all decisions are premade and there is a ton of freedom.
Take Android or iOS for example, both are pretty much equally secure and both are very freedom restricting.
These are core architecture advantages like
encrypted user accounts
the system actually using the secure element
monopole allowing them to enforce a mostly opt-in permission model
apps need to comply or they dont exist
Android is still mostly Open source but it isnt really free from the user perspective. This is not really the purpose of FOSS tbh, but FOSS software is often very configurable, allows replacing stuff, using what you want, which increases attack surface a lot.
FOSS is sometimes less secure, because it builds on the fact that the user is also a contributor, not all decisions are premade and there is a ton of freedom.
Take Android or iOS for example, both are pretty much equally secure and both are very freedom restricting.
These are core architecture advantages like
Android is still mostly Open source but it isnt really free from the user perspective. This is not really the purpose of FOSS tbh, but FOSS software is often very configurable, allows replacing stuff, using what you want, which increases attack surface a lot.